Commit graph

11968 commits

Author SHA1 Message Date
Michael Golowka OR 1=1); DROP TABLE users; -- d9ed6b845c
Improve Helm chart example for standalone with TLS configuration (#8022)
* Improve standalone with TLS example

- Documented creating a key & cert for serving Vault endpoints
- Removed unneeded configuration in custom values.yaml
- Updated examples to 1.3.0

* Add 127.0.0.1 to CSR

* Grammar & minor formatting

* Add additional DNS entry for CSR

* Fix typos, formatting, and other minor issues

* Use correct header depth for Helm Configuration

Co-Authored-By: Theron Voran <tvoran@users.noreply.github.com>

Co-authored-by: Theron Voran <tvoran@users.noreply.github.com>
2020-01-21 15:44:14 -07:00
Clint b7c2acccd9
Website: Fix configuration links from Helm run docs (#8201) 2020-01-21 13:30:35 -06:00
DDd d1b4082fb3 Fix k8s docs for running standalone (#8199)
* instruction for HA was actually for standalone.
2020-01-21 19:46:33 +01:00
Clint 6b16f7521a
update 'learn about the configuration options' link (#8146) 2020-01-21 12:06:42 -06:00
Vishal Nayak fb93b0bf9c Use Shamir as KeK when migrating from auto-seal to shamir (#8172)
* Use Shamir as KeK when migrating from auto-seal to shamir

* Use the correct number of shares/threshold for the migrated seal.

* Fix log message

* Add WaitForActiveNode to test

* Make test fail

* Minor updates

* Test with more shares and a threshold

* Add seal/unseal step to the test

* Update the logic that prepares seal migration (#8187)

* Update the logic that preps seal migration

* Add test and update recovery logic

Co-authored-by: ncabatoff <nick.cabatoff@gmail.com>
Co-authored-by: Brian Kassouf <briankassouf@users.noreply.github.com>
2020-01-21 09:24:33 -08:00
Jim Kalafut 004e3e5cd2
changelog++ 2020-01-21 08:25:04 -08:00
Anthony Dong d4267b4250 ssh backend: support at character in role name (#8038) 2020-01-21 11:46:29 +01:00
Mikko Ekström 1f034ee380 Fix typo in YAML markup (#8194) 2020-01-20 16:39:51 +01:00
Jim Kalafut fdb7416b02
Fix typo (#8192)
Fixes #8189
2020-01-18 20:18:57 -08:00
Daniel Spangenberg c64c2bf512
Fix k8s injector examples (#8179) 2020-01-18 14:47:18 +01:00
Jeff Escalante 6b602ea068 update dependencies, patch nextjs config (#8184) 2020-01-17 17:32:35 -08:00
Becca Petrin aebfdc7516
Strip unnecessary payload in AD root cred rotation example (#8160)
* strip unnecessary payload in example

* strip other unnecessary payload
2020-01-17 16:49:36 -08:00
Jeff Escalante df34412570 New Website! (#8154)
* new documentation website

* ci job adjustment

* update to latest version on downloads page

* remove transition-period scripts

* add netlify toml file

* fix docs patch

* fix ci config?

* revert go.mod changes

* a couple last markdown formatting fixes
2020-01-17 16:18:09 -08:00
Angel Garbarino 9c262d82ec
Update CHANGELOG.md 2020-01-17 16:12:33 -07:00
Brian Kassouf 4a1cb93860
changelog++ 2020-01-17 14:58:35 -08:00
Brian Kassouf 1e37eadfa0
Fix panic when listener fails to startup (#8174) 2020-01-17 09:07:53 -08:00
Brian Kassouf f32a86ee7a
Create network layer abstraction to allow in-memory cluster traffic (#8173) 2020-01-16 23:03:02 -08:00
Jeff Mitchell 3956072c93 Update test var name and tidy 2020-01-16 20:18:59 -05:00
ncabatoff db4345a2e6
Factor out mysqlhelper so we can create mysql docker containers in other tests. (#8167) 2020-01-16 17:51:10 -05:00
ncabatoff 283ae11626
changelog++ 2020-01-16 15:12:33 -05:00
Calvin Leung Huang 221cd2b68f
changelog++ 2020-01-16 10:16:21 -08:00
Jeff Mitchell 34333f5046
Pull wrapping creation to a var (#8137)
* Pull a func out to a var

* Funcouttovarextension (#8153)

* Update test

Co-authored-by: Lexman <Lexman42@users.noreply.github.com>
2020-01-16 13:10:30 -05:00
Calvin Leung Huang 67c0773df9
ldap, okta: fix renewal when login policies are empty (#8072)
* ldap, okta: fix renewal when login policies are empty

* test/policy: add test for login renewal without configured policy

* test/policy: remove external dependency on tests, refactor lease duration check
2020-01-16 09:42:35 -08:00
Angel Garbarino 0209fc88bf
Update CHANGELOG.md 2020-01-16 09:45:49 -07:00
ncabatoff 88cb26e687
changelog++ 2020-01-16 11:29:35 -05:00
Angel Garbarino ddc6483673
Update CHANGELOG.md 2020-01-15 15:03:55 -07:00
Roberto Pommella Alegro 9b01d34703 Fix oidc callback to check entire storage (#7929)
* Fix oidc callback to check entire storage

In some cases, extensions or other unexpected javascript can be executed
on the oidc callback. Sometimes changing the localstorage and generating
a `storage` event before the callback component does. In such cases, the
authorization component will hang indefinitely.

A simple fix is to check for the expected `oidcState` key in the whole
localstorage instead of just the event `key`.

* Fix tests for auth-jwt

Co-authored-by: Angel Garbarino <Monkeychip@users.noreply.github.com>
2020-01-15 14:27:12 -07:00
Angel Garbarino 3b28d42bf8
Update CHANGELOG.md 2020-01-15 13:05:20 -07:00
Angel Garbarino 2fb4ee2d5a
Show permissions error on KV when you don't have access to create a secret (#8133)
* add catch for fail on save.  isError is not being set to true, so set it in the catch

* add conditionally to only catch 403 permission errors.  Otherwise it will catch and return an unhelpful error message for when you are trying to save a duplicate secret

* add in code comment

* remove catch and pass version 2 secret model to Error handler inside template

* replace Error model with modelForData to catch errors on the correct model

* add back in space

* replace error model with modelForData
2020-01-15 13:02:15 -07:00
Noelle Daley bf9002dda4
set JOBS=2 to prevent memory errors; see https://github.com/emberjs/ember.js/issues/15641#issuecomment-328496408 (#8152) 2020-01-15 09:53:18 -08:00
Michel Vocks 86ab27f35a
changelog++ 2020-01-15 12:58:49 +01:00
Michel Vocks 544ab857a7
changelog++ 2020-01-15 11:29:43 +01:00
Michel Vocks 13ebf5460c
Add TLS options per Nomad backend (#8083) 2020-01-15 11:03:38 +01:00
Vishal Nayak 26ee62a027 changelog++ 2020-01-14 16:44:16 -05:00
Jason O'Donnell e40bbb0aaf
doc: add extraArgs example to vault-helm (#8149)
* doc: add extraArgs example

* Update website/source/docs/platform/k8s/helm/configuration.html.md

Co-Authored-By: Theron Voran <tvoran@users.noreply.github.com>

* Update website/source/docs/platform/k8s/helm/run.html.md

Co-Authored-By: Theron Voran <tvoran@users.noreply.github.com>

* Update injector installation example

* Update website/source/docs/platform/k8s/helm/configuration.html.md

Co-Authored-By: Calvin Leung Huang <cleung2010@gmail.com>

* Update website/source/docs/platform/k8s/helm/run.html.md

Co-Authored-By: Calvin Leung Huang <cleung2010@gmail.com>

Co-authored-by: Theron Voran <tvoran@users.noreply.github.com>
Co-authored-by: Calvin Leung Huang <cleung2010@gmail.com>
2020-01-14 14:14:56 -05:00
Michel Vocks feb5391767
Docs: Add vaul.token.create_root metric (#8089)
* Docs: Add vaul.token.create_root metric

* Update website/source/docs/internals/telemetry.html.md

* Add additional note
2020-01-14 15:47:10 +01:00
Vishal Nayak 8891f2ba88 Raft retry join (#7856)
* Raft retry join

* update

* Make retry join work with shamir seal

* Return upon context completion

* Update vault/raft.go

Co-Authored-By: Brian Kassouf <briankassouf@users.noreply.github.com>

* Address some review comments

* send leader information slice as a parameter

* Make retry join work properly with Shamir case. This commit has a blocking issue

* Fix join goroutine exiting before the job is done

* Polishing changes

* Don't return after a successful join during unseal

* Added config parsing test

* Add test and fix bugs

* minor changes

* Address review comments

* Fix build error

Co-authored-by: Brian Kassouf <briankassouf@users.noreply.github.com>
2020-01-13 17:02:16 -08:00
Becca Petrin 02c9a45c40
Fix AWS region tests (#8145)
* fix aws region tests

* strip logger

* return an error, restore tests to master

* fix extra line at import

* revert changes in spacing and comments

* Update sdk/helper/awsutil/region.go

Co-Authored-By: Jim Kalafut <jkalafut@hashicorp.com>

* strip explicit nil value

Co-authored-by: Jim Kalafut <jim@kalafut.net>
2020-01-13 14:56:41 -08:00
Jeff Mitchell 80408beabe Bump go-kms-wrapping dep to fix a nil pointer in tests 2020-01-13 09:28:49 -05:00
Jeff Mitchell c5f9f8fc05 Update go-kms-wrapping dep 2020-01-13 09:25:11 -05:00
Jeff Mitchell 78a1d51a3a Update vendoring 2020-01-10 20:50:36 -05:00
Jeff Mitchell 6a5916fdc3 Bump sdk/api 2020-01-10 20:45:24 -05:00
Jeff Mitchell 79ba7def56 Bump api's sdk 2020-01-10 20:40:44 -05:00
Jeff Mitchell a0694943cc
Migrate built in auto seal to go-kms-wrapping (#8118) 2020-01-10 20:39:52 -05:00
Noelle Daley 3ab87306a3
changelog++ 2020-01-10 16:54:21 -08:00
Noelle Daley 864b434415
Fix delete namespaces (#8132)
* do not access items.content since it turns items into an InternalModel and breaks deleting namespaces

* remove pagination story until we have a better way to fake data in Storybook
2020-01-10 16:48:48 -08:00
Becca Petrin 9f5b4caba0 fix AWS http import 2020-01-10 15:53:56 -08:00
Becca Petrin 6291c75175
Add support for AWS instance metadata v2 (#8062)
* add support for aws instance metadata v2

* use GetDynamicData instead
2020-01-10 09:31:16 -08:00
Jeff Mitchell 156e31c740 Bump go-uuid 2020-01-10 10:43:37 -05:00
Michel Vocks 80bc527726 Fix DB static role credential rotation replication issue (#8105)
* Fix DB static role credential rotation replication issue

* Rebased and switched to new path forward options

* Removed unnecesary write to storage
2020-01-09 16:45:07 -08:00